Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json)
Hash identifier: 8tuB3CX3XJKtLDPdJ2f6HaUvMn8M27HquLdqeDdMgjA=
Subject key identifier: 42:68:F1:AE:8B:6A:74:A3:EC:B0:E0:13:C1:EF:C9:84:76:71:02:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A698102B574AE45A4A4E68F35669A49A9B19E4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
Signing time: Thu 26 Jun 2025 19:38:55 +0000
ROA not before: Thu 26 Jun 2025 19:38:55 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:69:81:02:b5:74:ae:45:a4:a4:e6:8f:35:66:9a:49:a9:b1:9e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:55 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=6dc58c678eff140073127c4d76ff30b2578031c810b6a040f356185cbd9d03cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a3:95:1a:39:50:fb:fc:34:2f:78:f6:00:b2:
89:8a:86:ef:c7:62:4a:29:9c:10:2b:54:d2:8b:88:
c5:56:05:24:b6:65:a7:17:c7:e7:f3:b7:c2:14:4a:
05:a4:e9:52:97:7a:c1:09:20:e4:1b:6c:77:0f:d2:
88:43:73:62:7d:82:07:09:bc:02:a2:32:9a:b6:3c:
ae:1c:aa:ab:51:3f:7a:d9:f6:16:86:a5:eb:e0:3f:
33:c6:6f:3f:2f:ff:07:e5:08:cd:f5:69:42:a7:84:
d3:49:f9:02:dd:67:e7:81:65:31:57:40:cc:1a:81:
f4:df:d1:c2:eb:58:24:96:e7:2d:29:fe:02:20:b1:
20:14:8f:f3:c1:d8:b7:ab:0c:11:5d:60:41:e3:cd:
af:db:b2:5d:e8:41:e1:a2:b0:a2:f9:89:84:01:11:
6b:19:59:95:f8:6b:af:1a:66:65:c6:11:4c:5f:92:
53:6b:4f:64:ce:db:bb:36:28:d5:86:bb:b5:72:3e:
9b:0b:16:68:dc:d7:a1:89:4c:c2:9f:2d:92:d1:d3:
87:7c:af:8d:ff:bd:2b:dc:b2:15:95:5f:88:38:f0:
c1:8c:1c:aa:30:11:08:d1:09:be:69:05:e6:d8:61:
b5:37:49:02:3e:54:61:a3:ca:5c:3e:94:9d:91:92:
00:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:68:F1:AE:8B:6A:74:A3:EC:B0:E0:13:C1:EF:C9:84:76:71:02:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c040::/46
Signature Algorithm: sha256WithRSAEncryption
be:81:fa:7c:b7:5f:dc:f3:d5:de:8a:86:a0:53:7f:61:4e:3e:
08:8f:49:a8:5a:70:c5:7f:fb:66:c0:32:15:04:33:1d:46:d8:
40:9e:77:1c:7b:6b:84:20:8d:5c:47:28:43:b2:15:23:24:cc:
d7:23:30:42:10:1f:b9:2f:40:78:27:2e:2c:92:c5:83:80:05:
7e:a5:7e:94:e1:a1:d9:c6:5f:9f:2d:5c:f2:ff:a8:0e:aa:5f:
43:de:ff:3e:13:23:b7:a9:87:d1:af:bf:4a:71:3a:42:a8:8b:
9b:93:1f:d6:a1:a4:24:6f:1a:9e:37:36:90:f8:20:0c:b8:dc:
4e:3b:03:b5:e3:66:d6:c5:5e:f9:80:c3:61:f2:27:83:4a:f5:
b4:2e:42:e7:52:9a:e8:a7:9d:c1:50:e7:e2:4b:e0:ff:31:1f:
88:9e:78:4e:c9:0f:67:cf:e0:e3:0b:64:12:a6:9e:84:30:c6:
bf:40:dd:79:6f:5e:38:b3:b5:97:87:ed:4b:6a:43:e3:89:68:
3d:bf:67:e2:8f:2e:c8:76:6d:e3:8d:c8:ec:38:c5:9e:69:56:
e7:b5:f6:d6:51:cf:5c:59:51:f9:b3:16:c7:45:39:5e:59:40:
5b:7c:c7:9d:23:bf:fb:e3:21:f4:0d:fd:ec:1e:bd:5d:1b:e2:
e1:7e:98:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCmmBArV0rkWkpOaPNWaaSamxnkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NTVaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkYzU4YzY3OGVmZjE0MDA3MzEyN2M0ZDc2ZmYzMGIyNTc4MDMxYzgxMGI2
YTA0MGYzNTYxODVjYmQ5ZDAzY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6jlRo5UPv8NC949gCyiYqG78diSimcECtU0ouIxVYFJLZlpxfH5/O3whRK
BaTpUpd6wQkg5Btsdw/SiENzYn2CBwm8AqIymrY8rhyqq1E/etn2Foal6+A/M8Zv
Py//B+UIzfVpQqeE00n5At1n54FlMVdAzBqB9N/RwutYJJbnLSn+AiCxIBSP88HY
t6sMEV1gQePNr9uyXehB4aKwovmJhAERaxlZlfhrrxpmZcYRTF+SU2tPZM7buzYo
1Ya7tXI+mwsWaNzXoYlMwp8tktHTh3yvjf+9K9yyFZVfiDjwwYwcqjARCNEJvmkF
5thhtTdJAj5UYaPKXD6UnZGSANsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCaPGu
i2p0o+yw4BPB78mEdnECpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjMDFjOTItNGEyZS00MGM4LTliNzItZTY1M2FjOTg5NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
QDANBgkqhkiG9w0BAQsFAAOCAQEAvoH6fLdf3PPV3oqGoFN/YU4+CI9JqFpwxX/7
ZsAyFQQzHUbYQJ53HHtrhCCNXEcoQ7IVIyTM1yMwQhAfuS9AeCcuLJLFg4AFfqV+
lOGh2cZfny1c8v+oDqpfQ97/PhMjt6mH0a+/SnE6QqiLm5Mf1qGkJG8anjc2kPgg
DLjcTjsDteNm1sVe+YDDYfIng0r1tC5C51Ka6KedwVDn4kvg/zEfiJ54TskPZ8/g
4wtkEqaehDDGv0DdeW9eOLO1l4ftS2pD44loPb9n4o8uyHZt443I7DjFnmlW57X2
1lHPXFlR+bMWx0U5XllAW3zHnSO/++Mh9A397B69XRvi4X6Y2Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:14 2025 by rpki-client